LongTail Log Analysis

Assorted Statistics

Analysis does not include today's numbers. Numbers rounded to two decimal places

Created on Sun Jun 24 10:47:52 EDT 2018

Normalized data is data that consists of only full days of attacks, AND to servers that are NOT protected by firewalls or other kinds of intrusion protection systems.

Time
Frame
Number
of Days
Total
Webpages Requested
Average
Per Day
Std. Dev. Median Max Min
All Hosts Combined
Time
Frame
Number
of Days
Total
Webpages Requested
Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today133N/AN/AN/AN/AN/A
ALL Hosts This Month 23 2,168 94.26 37.14 93 169 18
ALL Hosts Last Month 31 2,996 96.65 41.33 90 185 30
ALL Hosts This Year 174 6,970 40.06 45.09 16 185 1
ALL Hosts Since Logging Started 888 127,337 143.40 289.59 70 4,447 0
ALL Hosts Normalized Since Logging Started 1,528 46,608 30.50 167.39 9 4,253 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today111N/AN/AN/AN/AN/A
ALL Hosts This Month 23N/A 65.48 30.35 46 140 18
ALL Hosts Last Month 31N/A 34.06 16.70 41 64 5
ALL Hosts This Year 174N/A 19.05 24.82 27 140 1
ALL Hosts Since Logging Started 888N/A 27.81 23.56 31 317 0
ALL Hosts Normalized Since Logging Started 888N/A 27.81 23.56 31 317 0
IP Address Overlap With Longtail Ssh Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today10N/AN/AN/AN/AN/A
ALL Hosts This Month 23N/A 0.87 0.54 1 2 0
ALL Hosts Last Month 31N/A 0.10 0.30 0 1 0
ALL Hosts This Year 174N/A 0.16 0.39 0 2 0
ALL Hosts Since Logging Started 888N/A 0.82 1.66 0 17 0
ALL Hosts Normalized Since Logging Started 888N/A 0.82 1.66 0 17 0
-Uniq-Ips Txt Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today10N/AN/AN/AN/AN/A
ALL Hosts This Month 23N/A 57.87 31.86 40 133 0
ALL Hosts Last Month 31N/A 29.52 15.60 40 58 5
ALL Hosts This Year 174N/A 15.47 23.44 37 133 0
ALL Hosts Since Logging Started 888N/A 13.88 19.28 21 293 0
ALL Hosts Normalized Since Logging Started 888N/A 13.88 19.28 21 293 0
404 Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today10N/AN/AN/AN/AN/A
ALL Hosts This Month 23N/A 29.09 15.65 31 58 1
ALL Hosts Last Month 31N/A 67.32 39.20 56 144 2
ALL Hosts This Year 174N/A 23.01 30.30 3 144 0
ALL Hosts Since Logging Started 859N/A 92.43 273.40 32 4,304 0
ALL Hosts Normalized Since Logging Started 859N/A 92.43 273.40 32 4,304 0
Uniq 404 Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today123N/AN/AN/AN/AN/A
ALL Hosts This Month 23N/A 24.13 13.50 29 51 1
ALL Hosts Last Month 31N/A 43.19 23.39 48 108 2
ALL Hosts This Year 174N/A 16.73 19.99 3 108 0
ALL Hosts Since Logging Started 859N/A 29.08 46.88 22 697 0
ALL Hosts Normalized Since Logging Started 859N/A 29.08 46.88 22 697 0
Uniq Shellshock Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today10N/AN/AN/AN/AN/A
ALL Hosts This Month 23N/A 0.00 0.00 0 0 0
ALL Hosts Last Month 31N/A 0.00 0.00 0 0 0
ALL Hosts This Year 174N/A 0.01 0.08 0 1 0
ALL Hosts Since Logging Started 859N/A 2.36 17.66 0 391 0
ALL Hosts Normalized Since Logging Started 859N/A 2.36 17.66 0 391 0
Shellshock Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today10N/AN/AN/AN/AN/A
ALL Hosts This Month 23N/A 0.00 0.00 0 0 0
ALL Hosts Last Month 31N/A 0.00 0.00 0 0 0
ALL Hosts This Year 174N/A 0.01 0.08 0 1 0
ALL Hosts Since Logging Started 888N/A 2.58 17.90 0 391 0
ALL Hosts Normalized Since Logging Started 888N/A 2.58 17.90 0 391 0
Uniq Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today10N/AN/AN/AN/AN/A
ALL Hosts This Month 23N/A 27.78 14.22 35 54 3
ALL Hosts Last Month 31N/A 46.42 23.37 50 111 5
ALL Hosts This Year 174N/A 19.24 20.41 38.5 111 1
ALL Hosts Since Logging Started 859N/A 34.19 48.65 25 743 0
ALL Hosts Normalized Since Logging Started 859N/A 34.19 48.65 25 743 0
Wget Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today10N/AN/AN/AN/AN/A
ALL Hosts This Month 23N/A 0.00 0.00 0 0 0
ALL Hosts Last Month 31N/A 0.00 0.00 0 0 0
ALL Hosts This Year 174N/A 0.01 0.08 0 1 0
ALL Hosts Since Logging Started 859N/A 2.36 17.66 0 391 0
ALL Hosts Normalized Since Logging Started 859N/A 2.36 17.66 0 391 0
 
Hosts protected by BlackRidge Technologies
 
Hosts protected by an Intrusion Protection System
 
Educational Sites
 
Residential Sites
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
shepherd Residential server
Time
Frame
Number
of Days
Total
Webpages Requested
Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today128N/AN/AN/AN/AN/A
shepherd This Month 20 767 38.35 16.42 39.5 71 4
shepherd Last Month 26 872 33.54 26.13 26.5 133 1
shepherd This Year 149 2,036 13.66 20.08 4 133 0
shepherd Since Logging Started 778 23,205 29.83 41.86 9 228 0
shepherd Normalized Since Logging Started 778 23,205 29.83 41.86 9 228 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today16N/AN/AN/AN/AN/A
shepherd This Month 20N/A 25.70 14.18 33 49 4
shepherd Last Month 26N/A 9.62 5.34 3.5 21 1
shepherd This Year 149N/A 6.27 10.04 2 49 0
shepherd Since Logging Started 779N/A 6.57 6.51 2 49 0
shepherd Normalized Since Logging Started 779N/A 6.57 6.51 2 49 0
IP Address Overlap With Longtail Ssh Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today10N/AN/AN/AN/AN/A
shepherd This Month 20N/A 0.15 0.36 0 1 0
shepherd Last Month 26N/A 0.00 0.00 0 0 0
shepherd This Year 149N/A 0.02 0.14 0 1 0
shepherd Since Logging Started 779N/A 0.12 0.42 0 4 0
shepherd Normalized Since Logging Started 779N/A 0.12 0.42 0 4 0
-Uniq-Ips Txt Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today10N/AN/AN/AN/AN/A
shepherd This Month 20N/A 19.80 17.29 16 47 0
shepherd Last Month 26N/A 5.31 4.84 9 16 0
shepherd This Year 149N/A 4.03 9.29 1 47 0
shepherd Since Logging Started 778N/A 3.40 5.03 2 47 0
shepherd Normalized Since Logging Started 778N/A 3.40 5.03 2 47 0
404 Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today10N/AN/AN/AN/AN/A
shepherd This Month 20N/A 12.65 11.51 21.5 37 0
shepherd Last Month 26N/A 24.12 25.49 21.5 119 0
shepherd This Year 149N/A 7.65 15.17 1 119 0
shepherd Since Logging Started 770N/A 14.08 22.85 18 172 0
shepherd Normalized Since Logging Started 770N/A 14.08 22.85 18 172 0
Uniq 404 Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today123N/AN/AN/AN/AN/A
shepherd This Month 20N/A 11.60 11.85 2 36 0
shepherd Last Month 26N/A 17.92 13.79 26.5 44 0
shepherd This Year 149N/A 6.20 10.74 1 44 0
shepherd Since Logging Started 770N/A 6.11 13.70 14 100 0
shepherd Normalized Since Logging Started 770N/A 6.11 13.70 14 100 0
Uniq Shellshock Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today10N/AN/AN/AN/AN/A
shepherd This Month 20N/A 0.00 0.00 0 0 0
shepherd Last Month 26N/A 0.00 0.00 0 0 0
shepherd This Year 149N/A 0.00 0.00 0 0 0
shepherd Since Logging Started 770N/A 0.46 5.07 0 86 0
shepherd Normalized Since Logging Started 770N/A 0.46 5.07 0 86 0
Shellshock Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today10N/AN/AN/AN/AN/A
shepherd This Month 20N/A 0.00 0.00 0 0 0
shepherd Last Month 26N/A 0.00 0.00 0 0 0
shepherd This Year 149N/A 0.00 0.00 0 0 0
shepherd Since Logging Started 778N/A 0.45 5.04 0 86 0
shepherd Normalized Since Logging Started 778N/A 0.45 5.04 0 86 0
Uniq Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today10N/AN/AN/AN/AN/A
shepherd This Month 20N/A 14.00 12.45 16.5 39 1
shepherd Last Month 26N/A 19.88 13.97 30 46 1
shepherd This Year 149N/A 7.50 11.20 2 46 0
shepherd Since Logging Started 770N/A 8.18 14.92 24 147 0
shepherd Normalized Since Logging Started 770N/A 8.18 14.92 24 147 0
Wget Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today10N/AN/AN/AN/AN/A
shepherd This Month 20N/A 0.00 0.00 0 0 0
shepherd Last Month 26N/A 0.00 0.00 0 0 0
shepherd This Year 149N/A 0.00 0.00 0 0 0
shepherd Since Logging Started 770N/A 0.46 5.07 0 86 0
shepherd Normalized Since Logging Started 770N/A 0.46 5.07 0 86 0
 
Cloud Provider Sites
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
AWS AWS-Amazon Webservices webserver
Time
Frame
Number
of Days
Total
Webpages Requested
Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 16 0 0.00 0.00 0 0 0
AWS Last Month 28 0 0.00 0.00 0 0 0
AWS This Year 127 0 0.00 0.00 0 0 0
AWS Since Logging Started 750 23,403 31.20 235.08 9 4,253 0
AWS Normalized Since Logging Started 750 23,403 31.20 235.08 9 4,253 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 16N/A 0.00 0.00 0 0 0
AWS Last Month 28N/A 0.00 0.00 0 0 0
AWS This Year 127N/A 0.00 0.00 0 0 0
AWS Since Logging Started 750N/A 7.34 8.93 12 109 0
AWS Normalized Since Logging Started 750N/A 7.34 8.93 12 109 0
IP Address Overlap With Longtail Ssh Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 16N/A 0.00 0.00 0 0 0
AWS Last Month 28N/A 0.00 0.00 0 0 0
AWS This Year 127N/A 0.00 0.00 0 0 0
AWS Since Logging Started 750N/A 0.24 0.59 0 7 0
AWS Normalized Since Logging Started 750N/A 0.24 0.59 0 7 0
-Uniq-Ips Txt Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 16N/A 0.00 0.00 0 0 0
AWS Last Month 28N/A 0.00 0.00 0 0 0
AWS This Year 127N/A 0.00 0.00 0 0 0
AWS Since Logging Started 749N/A 4.02 7.18 17 103 0
AWS Normalized Since Logging Started 749N/A 4.02 7.18 17 103 0
404 Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 16N/A 0.00 0.00 0 0 0
AWS Last Month 28N/A 0.00 0.00 0 0 0
AWS This Year 127N/A 0.00 0.00 0 0 0
AWS Since Logging Started 742N/A 25.89 235.56 15 4,241 0
AWS Normalized Since Logging Started 742N/A 25.89 235.56 15 4,241 0
Uniq 404 Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 16N/A 0.00 0.00 0 0 0
AWS Last Month 28N/A 0.00 0.00 0 0 0
AWS This Year 127N/A 0.00 0.00 0 0 0
AWS Since Logging Started 742N/A 6.84 17.07 15 170 0
AWS Normalized Since Logging Started 742N/A 6.84 17.07 15 170 0
Uniq Shellshock Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 16N/A 0.00 0.00 0 0 0
AWS Last Month 28N/A 0.00 0.00 0 0 0
AWS This Year 127N/A 0.00 0.00 0 0 0
AWS Since Logging Started 742N/A 0.23 3.50 0 84 0
AWS Normalized Since Logging Started 742N/A 0.23 3.50 0 84 0
Shellshock Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 16N/A 0.00 0.00 0 0 0
AWS Last Month 28N/A 0.00 0.00 0 0 0
AWS This Year 127N/A 0.00 0.00 0 0 0
AWS Since Logging Started 750N/A 0.23 3.48 0 84 0
AWS Normalized Since Logging Started 750N/A 0.23 3.48 0 84 0
Uniq Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 16N/A 0.00 0.00 0 0 0
AWS Last Month 28N/A 0.00 0.00 0 0 0
AWS This Year 127N/A 0.00 0.00 0 0 0
AWS Since Logging Started 742N/A 8.18 17.44 14.5 172 0
AWS Normalized Since Logging Started 742N/A 8.18 17.44 14.5 172 0
Wget Webpages Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 16N/A 0.00 0.00 0 0 0
AWS Last Month 28N/A 0.00 0.00 0 0 0
AWS This Year 127N/A 0.00 0.00 0 0 0
AWS Since Logging Started 742N/A 0.23 3.50 0 84 0
AWS Normalized Since Logging Started 742N/A 0.23 3.50 0 84 0

Total SSH attempts for all hosts may be LARGER than the sum of SSH attempts of each host. This is because each host's attacks are counted before totalling all the SSH attacks, and if attacks are ongoing, then more attacks will have come in between counting for a host and counting all the SSH attacks.


LongTail Copyright 2015 by Eric Wedaa, under GPLV2